Menu

5 Things You Should Do If You Are Infected By Ransomware

Imagine you are in office, answering email or doing some other important work. Suddenly, a screen flashes up on your computer, demanding you ransom if you wish to see your files again. what would you do then? Will you pay the ransom? No, you are not supposed to do that. Most security experts advise against paying ransoms as there is no guarantee that you will get your files back if you pay. Also, paying ransom encourages more ransomware attacks.

It is true that ransomware infection can be very scary & frustrating. However, it is better to sit down calmly, take a deep breath and act wisely.

In this blog, I have created this list of five things that you should do right away after knowing that your computer is having ransomware on it.

You should disconnect the computer from the network immediately

The moment you come to know that your computer is having ransomware on it, the first thing you need to do is take it offline. You should pull the ethernet cord, shut off the Wi-Fi as well as shut off the computer. Some ransomware can spread through network connection, so it is better to disconnect the computer from the network as soon as possible.

Disable all your shared drives

Some ransomware, such as CryptoFortress & Locky, can encrypt network as well as shared drives connected to the infected computer. So if you think that you have a ransomware infection, it is better to take all of your shared drives offline until you have cleaned out your network.

Speak with your user

Once you have disconnected the computer from the network and disabled your shared drives, take some time to speak with your user about what they were doing prior to the ransomware infection. Learning from your user that how the malware got on their computer can help you better combat any further attacks.

Also alert the rest of your users

After knowing what type of attack you are dealing with, you should alert the rest of your users so they can be on guard for any future ransomware attacks. Also, give your users proper cyber security training as well as be better equipped in order to avoid these attacks in the future.

Update & run your security software

Now that you have already isolated the infected computer as well as alerted your users, update as well as run your security software. Ransomware changes pretty rapidly; so you need to make sure that you have the most current version of your antivirus as well as anti-malware endpoint protection installed on computers throughout your network.